[X4U] Implications of Boot Camp

[Stroller]

On 6 Apr 2006, at 13:32, Jim Robertson wrote:

> On 4/5/06 8:51 PM, "Robert Ameeti" <robert at ameeti.net> wrote:
>
>> Thus, that user will likely have a virus on their computer within 10
>> minutes of having installed the OS and connecting to the Internet
>> unless they have proper anti-virus software. This is just the reality
>> of the Windows world.
>
> Is it REALLY that bad? I cannot imagine the entire world tolerating  
> such a
> scenario.

Um, pretty much.

I've seen estimates & tests that indicate infection in far less than  
10 minutes if you install a fresh copy of XP & connect directly to  
the Internet using an ADSL or cable modem. This has undoubtedly  
improved with SP2 which enables the firewall by default, but 10  
minutes would probably be reasonable.

> The third of these obviously requires an internet connection, but  
> I'd do it
> behind a router with NAT. Windows XP ships with low cost virus  
> software
> (free for basic protection, I think).

Does it indeed? Could you tell me what anti-virus that might be?

Dell, Packard Hell & other major OEMs tend to bundle Norton &/or  
McAfee preinstalled on new machines. This is free for 3 months but  
then demands you pay a subscription in order to stay "protected";  
your definition of "low cost" may be different to mine, but in terms  
of system resources both of these brands offer a hungry, high-cost &  
bloated suite of rubbish (since the user doesn't know what foo.exe  
is, what is the point of the firewall asking whether it should be  
allowed or denied access to the internet? foo.exe could quite easily  
be a component of your printer driver software checking for updates,  
or installed as part of almost any other software on your system.  
With such "smart" firewalls users will likely allow virii access to  
the internet just to shut the damn thing up from complaining every 5  
minutes).

My experience of Norton & McAfee is that, should they be uninstalled  
from an XP system that has been running for some time, AVG will find  
a number of malicious files that they have missed. AVG is free for  
personal use and half or a quarter of the price for commercial users;  
it doesn't pretend to do spam filtering or firewalling and simply  
does anti-virus well and efficiently. Combined with Window's own  
firewall and regular Windows Updates then this should be quite secure.

> Supposing one doesn't boot into Windows except when behind a  
> router, and
> then only visits https sites (NEVER receiving email or straying to the
> darker corners of the web), how risky is that scenario?

That's a very unlikely scenario and it would only take one slip-up to  
get infected. What happens of you're behind a NAT but one of the  
other computers on the LAN is infected? Widows runs services on a  
number of open ports, any of which is a potential vector of attack.  
The most common situation when corporate networks have become  
infected is that a contractor or employee has brought a laptop with  
no or poor antivirus onto the network; one situation occurred when  
laptops from one department regularly missed scheduled updates from  
the company's servers because the employees responsible for them were  
working from home or on the road when the updates became available.

Basically, you're far better off with cheap but effective (read: AVG)  
anti-virus and not having to be paranoid. I'm not saying you can't  
ever get infected, but the risk probably lower than using your  
suggested approach of cautious network usage.

CONTINUED...